Security onion vm capture packets from your virtual machine

Assignment Help Computer Engineering
Reference no: EM131485657

Assignment

For each of these tasks, take screenshots of pertinent information and briefly describe the significance of the content in the screenshot. Please create one document in PDF file and upload to blackboard.

- Task 1 - Analyze FTP pcap file
- In the Security Onion VM, start a Wireshark capture of packets from your virtual machine (as reviewed in class)
- Open up a terminal
- Type in ftp ftp.ed.ac.uk
- At the username prompt type in anonymous and hit enter
- At the password prompt type in anonymous and hit enter
- Type ls
- Type exit
- Stop the Wireshark capture
- Look through the Wireshark capture and see if you can spot the packets for the FTP user
- Save the PCAP file to the desktop of the Security Onion VM
- Open NetworkMiner and analyze the pcap file; take screenshots of the source/destination computers and of the commands that were executed after the successful connection to the FTP server.

- Task 2 - Finding interesting strings in a pcap file
The purpose of this lab is to find files contained within a pcap file. There are different techniques for achieving this. The following steps let you see what kinds of strings a pcap file contains; you then use that information to extract the file.
Note: commands are in bold, italics and underlined.
1. In Security Onion, open Terminal and change directory to your desktop by typing cd ~/Desktop
2. Run the strings command with a minimum string length of 10 on /opt/samples/markofu/outbound.pcap and save the output to ~/Desktop/outbound-strings.txt
a. In the Terminal window type in strings -n 10 /opt/samples/markofu/outbound.pcap > ~/Desktop/outbound-strings.txt

3. View the output with the less command
a. less ~/Desktop/outbound-strings.txt
Space bar or down arrow moves down
Up arrow moves up
The / key searches for content, for example:
/GET <enter>
This searches for the string "GET" (case sensitive) below the cursor
Press "q" to quit when you are finished

Note the filename in the GET at the top
Some strings to look for: GET, FTP, PASS, !This program cannot be run in DOS mode (the last is the DOS stub message carried by Windows PE executables, so its presence indicates that an .exe was transferred)
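As an added example (not part of the assignment or of the Security Onion sample files), the following Python script does what strings -n 10 followed by searching in less does: it pulls printable runs of at least ten bytes out of a byte buffer and reports which of the markers listed above they contain, plus the filename from any GET line. The input is a constructed byte string standing in for outbound.pcap; the host names and the file name update.exe in it are made up.

```python
"""strings-style scan of a pcap for the markers named in the lab.
SAMPLE below is a constructed byte buffer, not a real capture."""
import re

MIN_LEN = 10  # same threshold as `strings -n 10`
# Exact markers from the lab text; matching is case sensitive, like `/GET` in less.
MARKERS = ("GET", "FTP", "PASS", "!This program cannot be run in DOS mode")


def extract_strings(data: bytes, min_len: int = MIN_LEN):
    """Return every run of printable ASCII (0x20-0x7E) of at least min_len bytes.

    CR and LF are not printable, so each line of an HTTP or FTP exchange
    comes out as its own string, just as with the strings utility."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.group().decode("ascii") for m in re.finditer(pattern, data)]


def interesting(strings):
    """Map each marker to the strings that contain it (markers with no hits are omitted)."""
    hits = {m: [s for s in strings if m in s] for m in MARKERS}
    return {m: v for m, v in hits.items() if v}


def get_filenames(strings):
    """Filename requested in each HTTP GET line (the 'filename in the GET at the top')."""
    names = []
    for s in strings:
        m = re.match(r"GET (\S+)", s)
        if m:
            names.append(m.group(1).rsplit("/", 1)[-1])
    return names


# Constructed stand-in for outbound.pcap: binary header bytes, an HTTP request,
# an FTP login exchange and the first bytes of a PE file, separated by non-printable junk.
SAMPLE = (
    b"\xd4\xc3\xb2\xa1\x02\x00\x04\x00" + b"\x00" * 12          # pcap-like header bytes
    + b"GET /files/update.exe HTTP/1.1\r\nHost: example.test\r\n"
    + b"\x01\x02\x03"
    + b"220 ftp.example.test FTP server ready\r\nUSER anonymous\r\nPASS anonymous\r\n"
    + b"\xff\xfe"
    + b"MZ\x90\x00" + b"\x00" * 8 + b"!This program cannot be run in DOS mode.\r\n$"
    + b"\x00" * 4 + b"short"                                      # below MIN_LEN, dropped
)

if __name__ == "__main__":
    found = extract_strings(SAMPLE)
    for s in found:
        print(s)
    print("markers:", interesting(found))
    print("GET filenames:", get_filenames(found))
```

Running it prints the six strings that survive the length filter, shows every marker from the lab hitting at least one of them, and reports update.exe as the requested file. Note that a short password such as "PASS abc" would fall under the ten-byte threshold, which is why the lab's strings -n 10 can miss things that a lower -n or Wireshark's stream view would show.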

- Task 3 - Extract files using Wireshark
- In the Security Onion VM, locate the PCAP files by issuing the locate .pcap command in the terminal
- Some sample files are located in /opt/samples/
- Open /opt/samples/markofu/outbound.pcap in Wireshark
- Right-click on Packet #4 and click on Follow TCP Stream (take a screenshot of the stream).
- What is the name of the file from the GET command?
- Close the TCP Stream window
- Clear your filter (it should display all the packets)
- Export the file
- File --> Export Objects --> HTTP, then click "Save all"
- Save it to your desktop and take a screenshot highlighting the file
NOTE: Do not execute this file unless you have a sandbox environment
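Added example, not from the assignment: a Python script that performs, on a constructed capture, what Tasks 1 and 3 ask you to do by hand in Wireshark and NetworkMiner. It reads a classic pcap, groups TCP payload by 4-tuple (the data behind Follow TCP Stream), lists the FTP control commands the client sent (the USER/PASS pair you look for in Task 1), and exports the HTTP object named in the GET the way File --> Export Objects --> HTTP does. The capture, the addresses 192.168.56.10 and 203.0.113.5, the host names and the file update.exe are all constructed inside the script; checksums are left at zero and segments are concatenated in capture order rather than by sequence number, so it is a teaching aid, not a substitute for Wireshark's reassembly.

```python
"""Parse a classic pcap, follow TCP streams, list FTP commands, export HTTP objects.
Every address, host name and payload below is constructed for illustration."""
import struct
from collections import defaultdict


def _ip(addr):
    return bytes(int(o) for o in addr.split("."))


def _frame(src, sport, dst, dport, payload):
    """Ethernet/IPv4/TCP frame; seq/ack/checksums are zero because the parser ignores them."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 65535, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     _ip(src), _ip(dst)) + tcp
    return b"\x00" * 12 + b"\x08\x00" + ip  # zero MAC addresses, EtherType IPv4


def build_pcap(frames):
    """Classic little-endian pcap: 24-byte global header, then a 16-byte record header per frame."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # link type 1 = Ethernet
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", 1000 + i, 0, len(f), len(f)) + f
    return out


def read_streams(pcap):
    """Concatenate TCP payload per (src, sport, dst, dport) in capture order (no seq reordering)."""
    assert struct.unpack("<I", pcap[:4])[0] == 0xA1B2C3D4, "not a little-endian classic pcap"
    streams, off = defaultdict(bytes), 24
    while off + 16 <= len(pcap):
        incl = struct.unpack("<I", pcap[off + 8:off + 12])[0]
        frame, off = pcap[off + 16:off + 16 + incl], off + 16 + incl
        if frame[12:14] != b"\x08\x00":      # not IPv4
            continue
        ip = frame[14:]
        if ip[9] != 6:                       # not TCP
            continue
        ihl, total = (ip[0] & 0x0F) * 4, struct.unpack("!H", ip[2:4])[0]
        tcp = ip[ihl:total]
        sport, dport = struct.unpack("!HH", tcp[:4])
        key = (".".join(map(str, ip[12:16])), sport, ".".join(map(str, ip[16:20])), dport)
        streams[key] += tcp[(tcp[12] >> 4) * 4:]   # skip the TCP header (data offset * 4)
    return streams


FTP_CMDS = {b"USER", b"PASS", b"CWD", b"LIST", b"RETR", b"STOR", b"QUIT"}


def ftp_commands(streams):
    """Client-to-server lines on port 21 that begin with an FTP command (Task 1)."""
    found = []
    for (src, _, _, dport), data in streams.items():
        if dport == 21:
            for line in data.split(b"\r\n"):
                if line.split(b" ", 1)[0] in FTP_CMDS:
                    found.append((src, line.decode("ascii", "replace")))
    return found


def http_objects(streams):
    """Pair each GET with the response on the reverse 4-tuple; return {filename: body} (Task 3)."""
    objects = {}
    for (src, sport, dst, dport), req in streams.items():
        if not req.startswith(b"GET "):
            continue
        name = req.split(b" ", 2)[1].rsplit(b"/", 1)[-1].decode()
        head, _, body = streams.get((dst, dport, src, sport), b"").partition(b"\r\n\r\n")
        for h in head.split(b"\r\n"):
            if h.lower().startswith(b"content-length:"):
                body = body[:int(h.split(b":", 1)[1].strip())]
        objects[name] = body
    return objects


# Constructed capture: anonymous FTP login, then an HTTP download of a PE file.
CLIENT, SERVER = "192.168.56.10", "203.0.113.5"
MZ_STUB = b"MZ\x90\x00" + b"\x00" * 56 + b"!This program cannot be run in DOS mode.\r\n$" + b"\x00" * 16
FRAMES = [
    _frame(SERVER, 21, CLIENT, 40001, b"220 ftp.example.test FTP server ready\r\n"),
    _frame(CLIENT, 40001, SERVER, 21, b"USER anonymous\r\n"),
    _frame(SERVER, 21, CLIENT, 40001, b"331 Please specify the password.\r\n"),
    _frame(CLIENT, 40001, SERVER, 21, b"PASS anonymous\r\n"),
    _frame(SERVER, 21, CLIENT, 40001, b"230 Login successful.\r\n"),
    _frame(CLIENT, 40001, SERVER, 21, b"LIST\r\n"),
    _frame(CLIENT, 40001, SERVER, 21, b"QUIT\r\n"),
    _frame(CLIENT, 40002, SERVER, 80, b"GET /files/update.exe HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    _frame(SERVER, 80, CLIENT, 40002,
           b"HTTP/1.1 200 OK\r\nContent-Type: application/octet-stream\r\n"
           b"Content-Length: %d\r\n\r\n" % len(MZ_STUB) + MZ_STUB),
]
PCAP = build_pcap(FRAMES)

if __name__ == "__main__":
    streams = read_streams(PCAP)
    for src, cmd in ftp_commands(streams):
        print(f"ftp {src}: {cmd}")
    for name, body in http_objects(streams).items():
        print(f"http object {name}: {len(body)} bytes, starts with {body[:2]!r}")
```

The exported body begins with MZ and carries the "!This program cannot be run in DOS mode" stub, which ties the Task 2 string search to the file Wireshark exports in Task 3. Real captures need sequence-number ordering, retransmission handling and chunked or compressed HTTP bodies, which is what Wireshark's Export Objects dialog does for you.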

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd